CVE-2021-47943

TextPattern CMS 4.8.7 Remote Code Execution via File Upload

CVSS 8.7 HIGHEPSS 0.6%CWE-434

Vexday Risk Score

41Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 8.7EPSS 0.6%KEV nãoPoC públicaNuclei —Metasploit —Patch —

Lifecycle

10 May 2026Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute commands by accessing the uploaded file at /textpattern/files/ with GET parameters passed to the system function.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Textpattern · TextPattern CMS

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/49996unverified cve_referencewww.exploit-db.com/exploits/50415unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/49996 https://www.exploit-db.com/exploits/50415 https://www.vulncheck.com/advisories/textpattern-cms-remote-code-execution-via-file-upload